1. Binary Protection.
2. Insufficient Transport Layer Protection.
3. Information Leakage – Server Version.
4. Information Leakage.
5. Insufficient Authorization/Authentication.
6. Cryptography – Improper Certificate Validation.
7. Brute Force – User Enumeration.
8. Insufficient Session Expiration.
9. Information Leakage – Application Cache.
10. Binary Protection – Insufficient Code Obfuscation.